C# (CSharp) AmySuite AssemblyBox Beispiele

Beispiel #1

Datei: Program.cs Projekt: AxFab/amy

        public void DisplayHeader(AssemblyBox box)
        {
            Console.WriteLine("Architecture {0}\nFlags: {1}\n", box.Machine, box.Flags);
              Console.WriteLine("Start address {0}\n", null);
              Console.WriteLine("Time/Date \t{0}\n", new DateTime());
              Console.WriteLine();
              Console.WriteLine("Sections:");
              Console.WriteLine(" Idx Name       Size      Virtual   Offset    RawSize");
              int idx = 0;
              foreach (AssemblySection section in box.Sections) {
            Console.WriteLine(" {0,3} {1,-10} {2}  {3}  {4}  {5}", idx, section.Alias,
            Hexa.ToString(section.Size).Substring(2), Hexa.ToString(section.Virtual).Substring(2),
            Hexa.ToString(section.FileOffset).Substring(2), Hexa.ToString(section.FileLength).Substring(2));
            Console.WriteLine("                {0}", section.Flags);
              }

              Console.WriteLine();
              Console.WriteLine("Symbols:\n  Not implemented");
              Console.WriteLine();
        }

Beispiel #2

Datei: Program.cs Projekt: AxFab/amy

        public void Extract(AssemblyBox box)
        {
            Intelx86 ix86 = new Intelx86(box.TextSection.Data);

              // TODO Support file type detection !
              Console.WriteLine("Disassembly of section .text:\n");

              long address = box.TextSection.Virtual;
              Console.WriteLine("{0} <...>:", Hexa.ToString(address, 8, false).Substring(2));
              for (; ; ) {
            x86Operator op = ix86.Next();
            if (op == null)
              break;

            string amyMn = "  " + Hexa.ToString(address).Substring(7) + ":\t";
            for (var i = 0; i < Math.Min(op.Length, 7); ++i)
              amyMn += Hexa.ToString(ix86.Buffer[ix86.Offset + i], 2, false, false) + " ";
            for (var i = Math.Min(op.Length, 7); i < 7; ++i)
              amyMn += "   ";
            amyMn += "\t";
            amyMn += op.ATNTWriting;

            Console.WriteLine(amyMn);

            address += op.Length;
            int lg = op.Length, k = 7;
            while (lg > 7) {
              amyMn = "     :\t";
              for (var i = k; i < Math.Min(op.Length, k + 7); ++i)
            amyMn += Hexa.ToString(ix86.Buffer[ix86.Offset + i], 2, false, false) + " ";
              Console.WriteLine(amyMn);
              lg -= 7;
              k += 7;
            }

              }

              Console.WriteLine();
        }

Beispiel #3

Datei: AssemblyImage.cs Projekt: AxFab/amy

        public static AssemblyBox ReadPEFile(BinaryReader reader)
        {
            PEArchitecture machine = (PEArchitecture)reader.ReadUInt16();
              uint NumberOfSections = reader.ReadUInt16();
              uint TimeDateStamp = reader.ReadUInt32();
              uint PointerToSymbolTable = reader.ReadUInt32();
              uint NumberOfSymbols = reader.ReadUInt32();
              uint SizeOfOptionalHeader = reader.ReadUInt16();
              PEFlags Characteristics = (PEFlags)reader.ReadUInt16();

              AssemblyBox box = new AssemblyBox(reader);
              for (int i = 0; i < NumberOfSections; ++i) {
            box.Add(ReadPESection(reader));
              }

              return box;
        }